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Claims : 

1 1 . A system for executing a software application comprising a plurality of 

2 hardware independent bytecodes, the system comprising: 

3 a computing system that generates bytecodes; 

4 a virtual machine, remote to the computing system, comprising means for receiving a 

5 plurality of bytecodes from said computing system, and means for executing said plurality of 

6 bytecodes; 

7 means for testing said bytecodes against a set of predetermined criteria; and 

8 means for securely distributing said testing means between said virtual machine and 

9 said computing system so that the bytecode verification completed by the computing system 

1 0 is authenticated by the virtual machine prior to the execution of the bytecodes by said virtual 

1 1 machine. 

1 2. The system of Claim 1, wherein said remote computing system comprises 

2 means for determining that the bytecodes comply with a predetermined set of criteria to 

3 generate verified bytecodes, and means for generating a proof of authenticity attached to said 

4 verified bytecodes to generate authenticated bytecodes so that the authenticated bytecodes 

5 are tamper-resistant. 

1 3 . The system of Claim 2, wherein said virtual machine comprises means for 

2 determining that the authenticated bytecodes are not corrupted comprising means for 

3 generating a proof of authenticity based on the received bytecodes, and means for comparing 

4 said generated proof of authenticity against said authenticated bytecodes. 
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4. The system of Claim 2, wherein said virtual machine comprises means for 
performing limited run-time testing of said authenticated bytecodes. 

5. The system of Claim 4, wherein said performing means comprises means for 
testing the memory access of said authenticated bytecodes. 

6. The system of Claim 2, wherein said virtual machine comprises means for 
storing authenticated bytecodes in a non-volatile manner so that the authenticated bytecodes 
are not repeatedly communicated with the virtual machine. 

7. A virtual machine for executing a software application comprising a plurality 
of bytecodes, the virtual machine being executed by a hardware processor, the virtual 
machine comprising: 

means for receiving an authenticated bytecode, the authenticated bytecode being 
previously compared against a predetermined set of criteria and having a proof of 
authenticity; 

means for determining that the authenticated bytecode is not corrupted based on the 
proof of authenticity; and 

means for executing said bytecode. 

8. The virtual machine of Claim 7 further comprising means for checking, at run- 
time, said authenticated bytecode for memory access errors. 
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1 9. The virtual machine of Claim 7, wherein said determining means comprises 

2 means for generating a proof of authenticity, and means for comparing the generated proof of 

3 authenticity against the proof of authenticity attached to the received bytecode. 

1 1 0. The virtual machine of Claim 7, wherein said virtual machine comprises means 

2 for storing authenticated bytecodes in a non-volatile manner so that the authenticated 

3 bytecodes are not repeatedly communicated with the virtual machine. 

1 11. A system for executing a software application comprising a plurality of 

2 bytecodes, the system comprising: 

3 a computer system comprising means for verifying that a bytecode conforms to a 

4 predetermined set of criteria to generate a verified bytecode, and means for generating a 

5 secure verified bytecode from said verified bytecode; and 

6 a virtual machine, remote from said computer system, for executing said secure 

7 verified bytecodes, said virtual machine comprising means for receiving said secure verified 

8 bytecodes, means for determining that the secure verified bytecodes are not corrupted, and 

9 means for executing said secure verified bytecodes. 

1 12. The system of Claim 1 1, wherein said virtual machine comprises means for 

2 performing limited run-time testing of said received bytecodes. 
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1 13. The system of Claim 1 1 , wherein said computing system comprises means for 

2 generating a proof of authenticity, and means for attaching said proof of authenticity to said 

3 bytecodes. 

1 14. The system of Claim 12, wherein said virtual machine comprises means for 

2 generating a proof of authenticity, and means for comparing said generated proof of 

3 authenticity against said received proof of authenticity to determine that said received 

4 bytecode is not corrupted. 

1 1 5. A smart card having a plastic card having a microcontroller embedded therein, 

2 the smart card comprising: 

3 a virtual machine being executed by a microcontroller, the virtual machine executing a 

4 software application comprising a plurality of previously verified bytecodes, the virtual 

5 machine comprising means for receiving an authenticated bytecode, the authenticated 

6 bytecode being previously compared against a predetermined set of criteria and having a 

7 proof of authenticity, means for determining that the authenticated bytecode is not corrupted 

8 based on the proof of authenticity, and means for executing said bytecode. 

1 16. The smart card of Claim 15 further comprising means for checking, at run- 

2 time, said received bytecode for run-time memory access errors. 

1 17. The smart card of Claim 15, wherein said authenticated bytecode comprises a 

2 proof of authenticity attached to said received bytecode, and wherein said determining means 
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3 comprises means for generating a proof of authenticity, and means for comparing the 

4 generated proof of authenticity against the proof of authenticity attached to the received 

5 bytecode to determine if the authenticated bytecode is corrupted. 

1 18. A method for executing a software application on a virtual machine, the 

2 application comprising a plurality of bytecodes, comprising: 

3 receiving an authenticated bytecode by a virtual machine, the authenticated 

4 bytecode being previously compared against a predetermined set of criteria and having 

5 a proof of authenticity; 

6 determining that the authenticated bytecode is not corrupted based on the proof 

7 of authenticity; and 

8 executing said bytecode. 

1 19. The virtual machine of Claim 1 8 further comprising checking, at run- 

2 time, said authenticated bytecode for memory access errors. 

1 20. The virtual machine of Claim 18, wherein determining comprises 

2 generating a proof of authenticity, and comparing the generated proof of authenticity 

3 against the proof of authenticity attached to the received bytecode. 

1 21 . The virtual machine of Claim 1 8 further comprising storing 

2 authenticated bytecodes in a non-volatile manner so that the authenticated bytecodes 

3 are not repeatedly communicated with the virtual machine. 
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1 22. A virtual machine for executing a software application comprising aplurality 

2 of bytecodes, the virtual machine being-executed by a hardware processor, the virtual 

3 machine comprising: 

4 means for receiving data comprising a plurality of authenticated bytecodes, the 

5 authenticated bytecodes being previously compared against a predetermined set of criteria tc 

6 reduce the amount of data received by the virtual machine; 

7 means for determining that the authenticated bytecodes are not corrupted; and 

8 means for executing said bytecodes. 

1 23 . The virtual machine of Claim 22, wherein said data received by said 

2 virtual machine excludes data used for verification of said bytecodes. 
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